439 matches found
CVE-2022-37002
The SystemUI module has a privilege escalation vulnerability. Successful exploitation of this vulnerability can cause malicious applications to pop up windows or run in the background.
CVE-2022-37006
Permission control vulnerability in the network module. Successful exploitation of this vulnerability may affect service availability.
CVE-2022-46317
The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2023-46764
Unauthorized startup vulnerability of background apps. Successful exploitation of this vulnerability may cause background apps to start maliciously.
CVE-2023-52553
Race condition vulnerability in the Wi-Fi module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52716
Vulnerability of starting activities in the background in the ActivityManagerService (AMS) module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2022-31751
The kernel emcom module has multi-thread contention. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-39006
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.
CVE-2022-46324
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2022-46326
Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.
CVE-2022-48314
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2022-48356
The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition.
CVE-2023-44108
Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.
CVE-2023-52538
Vulnerability of package name verification being bypassed in the HwIms module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2022-38999
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.
CVE-2022-44548
There is a vulnerability in permission verification during the Bluetooth pairing process. Successful exploitation of this vulnerability may cause the dialog box for confirming the pairing not to be displayed during Bluetooth pairing.
CVE-2022-44551
The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability.
CVE-2022-48353
Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause kernel privilege escalation, which results in system service exceptions.
CVE-2024-36501
Memory management vulnerability in the boottime moduleImpact: Successful exploitation of this vulnerability can affect integrity.
CVE-2024-42031
Access permission verification vulnerability in the Settings module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2022-41583
The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module.
CVE-2023-52543
Permission verification vulnerability in the system module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52549
Vulnerability of data verification errors in the kernel module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54097
Security vulnerability in the HiView moduleImpact: Successful exploitation of this vulnerability may affect feature implementation and integrity.
CVE-2021-40010
The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution.
CVE-2021-40017
The HW_KEYMASTER module lacks the validity check of the key format. Successful exploitation of this vulnerability may result in out-of-bounds memory access.
CVE-2022-31759
AppLink has a vulnerability of accessing uninitialized pointers. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41596
The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.
CVE-2022-44554
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device.
CVE-2022-46321
The Wi-Fi module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-48349
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability.
CVE-2022-48613
Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may cause variable values to be read with the condition evaluation bypassed.
CVE-2023-34156
Vulnerability of services denied by early fingerprint APIs on HarmonyOS products.Successful exploitation of this vulnerability may cause services to be denied.
CVE-2023-39385
Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access.
CVE-2023-52537
Vulnerability of package name verification being bypassed in the HwIms module.Impact: Successful exploitation of this vulnerability will affect availability.
CVE-2023-52554
Permission control vulnerability in the Bluetooth module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2023-52713
Vulnerability of improper permission control in the window management module.Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVE-2023-52714
Vulnerability of defects introduced in the design process in the hwnff module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2021-46812
The Device Manager has a vulnerability in multi-device interaction. Successful exploitation of this vulnerability may affect data integrity.
CVE-2021-46856
The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-41582
The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability.
CVE-2022-41591
The backup module has a path traversal vulnerability. Successful exploitation of this vulnerability causes unauthorized access to other system files.
CVE-2022-44563
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-47975
The DUBAI module has a double free vulnerability. Successful exploitation of this vulnerability may affect system availability.
CVE-2022-48357
Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may cause denial of service (DoS) attacks to the kernel.
CVE-2022-48359
The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successful exploitation of this vulnerability may affect confidentiality.
CVE-2023-26547
The InputMethod module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.
CVE-2023-52550
Vulnerability of data verification errors in the kernel module.Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-36499
Vulnerability of unauthorized screenshot capturing in the WMS moduleImpact: Successful exploitation of this vulnerability may affect service confidentiality.
CVE-2024-54101
Denial of service (DoS) vulnerability in the installation moduleImpact: Successful exploitation of this vulnerability will affect availability.